Pearls Productions, an e-commerce website (http://www. pearl-productions-shop.com) uses a cookie to keep a user session active once a user has logged in. When a user successfully logs in to the application, a cookie is sent to the client containing the user ID, and this is referred to when the user requests certain functions from the server to make sure that the user has certain rights.
How would you compromise this system, which relies on cookie-based security?